Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add patch that adds support for wolfssl TLS sockets in zephyr #195

Merged
merged 1 commit into from
Jul 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions zephyr/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
## How to setup wolfSSL support for standard Zephyr TLS Sockets and RNG
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update the zephyr/include.am to include these with EXTRA_DIST so they are included with a "make dist"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So all new files are part of the patch. I dont think the new overlay files should go in EXTRA_DIST as they arent needed, and will not exist, for zephyr users that dont use the patch. Also these new files arent really part of the zephyr wolfssl external module, they are specifically extensions of the zephyr samples so I dont know if it makes sense for extensions of zephyr samples to be in a wolfssl distribution right? Especially since the associated changes in zephyr sockets_tls.c wont necessarily be there, meaning we are then distributing overlays that are dependent on external changes.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you want these files part of the wolfssl download package or the commercial release? In my opinion all files need to be included... Please add to the zephyr/include.am these two new files.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can look at trying to do a conditional add but im still not so sure. "Do you want these files part of the wolfssl download package or the commercial release?" I think these changes should be bound to the changes in the zephyr sources. So if those changes to the zephyr sources arent part of the wolfssl download package or commercial release then I believe these should also not be included.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It doesn't have to be conditional. Always include as EXTRA_DIST+=....


wolfSSL can also be used as the underlying implementation for the default Zephyr TLS socket interface.
With this enabled, all existing applications using the Zephyr TLS sockets will now use wolfSSL inside
for all TLS operations. This will also enable wolfSSL as the default RNG implementation. To enable this
feature, first ensure wolfSSL has been added to the west manifest using the instructions from the
README.md here: https://github.com/wolfSSL/wolfssl/tree/master/zephyr

Once the west manifest has been updated, run west update, then run the following command to patch the sources

```
patch -p1 < /path/to/your/osp/zephyr/zephyr-tls-{PATCH_VERSION}.patch
```

Where PATCH_VERSION is the appropriate patch version.

### Run Zephyr TLS samples

```
west build -b <your_board> samples/net/sockets/echo_server -DEXTRA_CONF_FILE=overlay-wolfssl.conf
```

### Run Zephyr TLS tests

```
west build -b <your_board> tests/net/socket/tls_ext/ -DEXTRA_CONF_FILE=overlay-wolfssl.conf
```

```
west build -b <your_board> tests/net/socket/tls/ -DEXTRA_CONF_FILE=overlay-wolfssl.conf
```


Loading